Electronic commerce is projected to grow at a high rate and this will have a significant impact on the financial industry. Estimates for 1998 are 700 million dollars worth of total revenues. Further growth promises $1 trillion by 2010. No financial institution will be left unaffected by the rapid growth of electronic commerce. One obstacle that can inhibit this growth, however, is the lack of secure electronic payments. Consumers and merchants are wary of transmitting their payment information over open networks such as the Internet and this caution affects the interest of merchants and financial institutions.
The technology of electronic commerce has adopted a number of terms that need to be defined in order to discuss the prior art and the invention. A short glossary of such terms follows.                Acquirer—The financial institution (or an agent of the financial institution) that receives from the merchant the financial data relating to a transaction authorizes the transaction, obtains the funds from the issuer, and pays those funds into a merchant financial account. The acquiring institution can act as its own merchant certificate authority (MCA) or can contract with a third party for service.        Authentication—In computer security, the process used to verify the identity of a user or the user's eligibility to access an object; verification that a message has not been altered or corrupted; a process used to verify the user of an information system or protected resources.        Authorization—In payment card systems, the process used to verify that a credit or debit account is valid and holds sufficient credit or funds to cover a particular payment. Authorization is performed before goods or services are provided, in order to ensure that the cardholder credit can support payment.        Browser—A computer program that allows a user to read hypertext messages such as HTML pages on the World Wide Web.        Capture—In payment card systems, the process used by a merchant to claim payment from an issuing bank via an acquiring bank. Capture is performed after goods and services are provided. Optionally, capture may be combined with authorization in the case where goods or services are provided at the time of authorization.        Cardholder—A person who has a valid payment card account and uses software that supports electronic commerce. Also known as shopper, online shopper, consumer, or buyer.        Certificate—A document issued by a trusted party that serves as physical evidence of the identity and privileges of the holder. Usually used as synonymous with an electronic certificate or digital certificate since an actual document is of little value in a world of electronic commerce.        Certificate authority (CA)—an organization that issues certificates. The CA responds to the actions of a Registration Authority (RA) and issues new certificates, manages existing certificates, renews existing certificates, and revokes certificates belonging to users who are no longer authorized to use them.        Certificate chain—a hierarchy of trusted digital certificates that can be “chained” or authenticated back to the “chain's” ultimate trust level—the top of the hierarchy called the “root certificate.”        Digital certificate—An electronic document digitally signed by a trusted party. The digital certificate binds a person's or entity's unique name to a public/private key pair.        Digital signature—Data that is appended to, or is a cryptographic transformation of, a data unit. Digital signature enables the recipient of the data unit to verify the source and integrity of the unit and to recognize potential forgery.        Digital wallet or Consumer wallet—Software that works like a physical wallet during electronic commerce transactions. A wallet can hold a user's payment information, a digital certificate to identify the user, and shipping information to speed transactions. The consumer benefits because his or her payment information is handled securely and because some wallets will automatically input shipping information at the merchant's site and will give the consumer the option of paying by digital cash or check. Merchants benefit by receiving protection against fraud. The wallet is used to protect and store credit/debit information, protect the transmission of that information to only the people that are authorized to see it and to authenticate the cardholder.        Issuer—a financial institution that issues payment cards to individuals. An issuer can act as its own cardholder certificate authority (CCA) or can contract with a third party for the service.        Key pair—In computer security, a matched set of public and private keys. When used for encryption, the sender uses the public key half to encrypt the message, and the recipient uses the private key half to decrypt the message. When used for signing, the signer uses the private key half to sign a message, and the recipient uses the public key half to verify the signature.        Merchant server—a Web server that offers cataloged shopping services. The equivalent to a physical store.        Password—For computer or network security, a specific string of characters entered by a user and authenticated by the system in determining the user's privileges, if any, to access and manipulate the data and operations of the system.        Payment card—a credit card or debit card that is issued by a financial institution and shows a relationship between the cardholder and the financial institution.        Registration authority (RA)—An organization or person authorized or licensed to authenticate a certificate requestor's identity and the services that the requester is then authorized to use. The RA approves requests so that certificates can be issued, renewed, updated, or revoked by a CA. The RA is usually a credit officer of an issuing or acquiring bank and approves the certificate requests for its members.        Secure Sockets Layer—A security protocol that allows the client to authenticate the server and all data and requests to be encrypted. SSL offers a very limited trust model and a secure link between client and server.        Thin wallet—generally the digital wallet program resides on the user's PC, but a “thin” wallet places some of the wallet function on a server, thereby reducing the program size on the user's PC and enabling an easier modification of the wallet's features.        Trusted Root—the base or top level certificate that provides the basis for the trusted hierarchy.        
The prior art SET Secure Electronic Transaction™ (trademark and service mark owned by SET Secure Electronic Transaction LLC) protocol has been developed as a method to secure bankcard transactions over public networks. SET is an open standard, multi-party protocol for conducting secure bankcard payments over the Internet. SET provides message integrity, authentication of all financial data, and encryption of sensitive data.
SET is a 3-party protocol involving a cardholding consumer, a merchant, and a payment gateway operating on behalf of the acquiring bank, as shown in FIG. 1. When a consumer is ready to buy something from a merchant on the internet using a credit or debit card, the consumer's computer 102 sends a consumer payment request over internet path 120 to the merchant's computer 104, in a first step. The merchant's computer 104 forwards the consumer's payment request over internet path 122 during a second step to an acquirer gateway 106 operating on behalf of the acquirer bank 108. The acquirer gateway 106 passes the consumer's payment request to the acquirer bank 108 over a private network path 122′. The acquirer bank 108 sends the consumer's payment request to the card issuing bank 112 over the private network path 124 to check whether the consumer's credit or debit card account is active and sufficient for the proposed transaction with the merchant. The issuing bank 112, as the card issuer, authorizes the transaction in a message sent over private path 126 to the acquiring bank 108. The acquiring bank 108 sends the transaction authorization over private path 128′ to the acquirer gateway 106, signing the message with the acquiring bank's digital signature. The acquirer gateway 106 forwards it over the internet path 128 to the merchant, authorizing the merchant to proceed with the transaction. Once the merchant has received the transaction authorization from the acquirer gateway 106, the merchant completes the sales transaction with the consumer. Then later, the merchant sends a message over internet path 142 to the acquirer gateway 106 to capture the transaction and get paid. The acquirer gateway then sends a payment message over path 144 to the merchant. The acquiring bank 108 may participate in some or all of the payment steps over private network paths 142′ and 144′. Then, at the end of the business day, the acquiring bank will settle accounts with the issuing bank 112 over the private network.
Some implementors of SET are providing “thin” wallets, where all or some of the wallet function are implemented in server systems rather than in consumer-controlled machines. Where the wallet servers are run by issuing banks, it would be desirable to have the wallet serves directly authorize transactions before they are submitted to merchants. This would save the time and complexity required when the merchants obtain authorization from issuers through the merchant's acquiring banks. It would also be desirable to expand the cardholder authentication methods supported by the SET protocol, to enable an issuer to independently choose alternate authentication mechanisms without changing the acquiring gateway. As with any system, it would also be desirable to simplify the SET protocol in order to enable its easier implementation and to improve its overall performance.